
Rodrigo Oliveira

Lisbon

Summary

IT/cybersecurity professional with over 8 years of experience in identifying and mitigating cyber threats, implementing security protocols and policies, and responding to security incidents. Strong understanding of industry-standard security tools and regulations. Proven ability to identify and resolve security vulnerabilities and to design and implement security solutions that protect sensitive data. Demonstrated ability to communicate and collaborate effectively with cross-functional teams to identify and resolve security issues.

Overview

10 years of professional experience
1 Certification

Work History

Splunk / Cyber Security Engineer

Confidential
02.2021 - 12.2023
  • Conducted research to test and analyze feasibility, design, operation and performance of equipment, components, and systems.
  • Read and interpreted blueprints, technical drawings, schematics, and computer-generated reports.
  • Resolved architecture, design or verification problems by applying sound ASIC engineering practices.
  • Interpreted blueprints and technical drawings to analyze upcoming projects.

Information Security Specialist / Splunk Engineer

Confidential
11.2019 - 01.2021
  • Consulted with team members to assess flawed root causes and plan for remediation.
  • Partnered with IT department members to minimize exploits on system coverage.
  • Managed information system regulatory compliance to meet updated guidelines.
  • Contributed system roadmapping, design and launch services to address information vulnerability.

Cyber Security Analyst/Engineer

Confidential
09.2018 - 12.2019
  • Executed incident remediation processes across Windows, Mac, and Linux platforms using Falcon Real Time Response (Including PowerShell, Bash, etc.).
  • Performed Malware Analysis/Reverse Engineering to obtain an understanding of malware capabilities, and what the threat actor was attempting to accomplish.
  • Conducted host-based forensic investigations to discover, correlate, and remediate artifacts, understand the full impact and scale of the attack, and prevent further damage/attacks.
  • Developed and improved processes for incident detection and the execution of countermeasures.
  • Produced high-quality written and verbal communications, recommendations, and findings for customer management.

Information Security Analyst / Splunk Admin

Confidential
01.2017 - 02.2019
  • Monitored use of data files and regulated access to protect secure information.
  • Monitored computer virus reports to determine when to update virus protection systems.
  • Conducted security audits to identify vulnerabilities.
  • Administered and monitored firewalls, intrusion detection systems and anti-virus software to detect risks.

Security Analyst

Confidential
08.2017 - 10.2018
  • Provided effective security monitoring through triage, investigation, communication, and reporting.
  • Reviewed and processed alarms from various security tools (AlienVault, CarbonBlack, Cisco Umbrella, CrowdStrike Falcon, FortiSIEM, IBM QRadar, and more) focusing on alarms of a malicious nature.
  • Performed advanced investigations using threat modeling to obtain an in-depth understanding of adversarial tactics, techniques, and procedures, optimizing the ability to prevent, detect, and remediate compromise.
  • Initiated and participated in the incident response process and wrote detailed incident response reports.
  • Recommended improvements to the incident response process based on lessons learned.
  • Initiated tickets to customers based on the results of alarm review (Jira, RT, ServiceNow).
  • Executed whitelisting, blacklisting, and malware removal to mitigate and remediate the attack.
  • Conducted threat hunting in client environments to discover any threats that their security tools did not detect.
  • Provided recommendations for the tuning of alarms based on the day-to-day analysis and trending of security log data.
  • Monitored industry trends and security news to maintain a high level of awareness of the threats and challenges our customers faced.

Information Security Engineer

Confidential
05.2016 - 07.2017
  • Represented company's technical security interests to partners to provide bi-directional flow of technical information and best practices in information security.
  • Applied leading theories and concepts to development, maintenance and implementation of information security standards, procedures and guidelines.
  • Developed, implemented and documented security programs and policies and monitored compliance across departments.
  • Led teams of up to [Number] in developing and implementing security systems, resulting in [Number]% fewer threats.

Cyber Security Engineer

Confidential
03.2015 - 05.2016
  • Performing Malware Analysis/Reverse Engineering activities and using the findings to identify potential artifacts/persistence for remediation, enrich our Threat Intelligence and Threat Hunting efforts, and bolster our detection capability.
  • Acting as a subject matter expert for EDR/XDR technologies, Malware Analysis/Reverse Engineering, and Forensics.
  • Utilizing software development and reverse engineering skills to triage and reverse malware, as well as to develop offensive methods.
  • Key contributor to multiple technical projects, including EDR/XDR, Malware Analysis, Threat Intelligence, and Threat Hunting.
  • Creating detailed Standard Operating Procedures (SOPs), Killbooks/Response Playbooks, and other technical documentation for the Cyber Operations function.
  • Handling investigations of varying magnitude, including those of the highest complexity without the need for supervision or oversight.
  • Conducting interviews for Security Analysts and providing them with comprehensive training when hired. Additionally, serving as a technical escalation point for the Security Operations team as a whole.
  • Developing and improving processes for incident detection and the execution of countermeasures.
  • Ensuring continuous improvement of industry expertise through year-round engagement in courses, certifications, and conferences.

Network Engineer

Confidential
01.2014 - 03.2015
  • Managed, tracked, and coordinated problem resolution and escalation processes.
  • Troubleshot complex multi-vendor network service provider issues.
  • Provided network support services for devices such as hubs, bridges, routers, and other hardware.
  • Performed troubleshooting for Juniper, Cisco, and packet analysis.

Education

Bachelor of Science - Computer Engineering

University of Lisbon
Lisbon, Portugal
12.2013

Skills

Mentorship and Talent Development

SOAR (XSOAR, Splunk Phantom, IBM Resilient)

Malware Analysis and Reverse Engineering

Security Research

Enterprise Security Operations

Digital Forensics

Proofpoint

XDR/EDR (CrowdStrike, CarbonBlack, Cortex XDR)

Cortex XSOAR/Demisto

Incident Management (Jira, RT, ServiceNow)

Technical Project Leadership

REMnux

Threat Intelligence

Risk Management

Penetration Testing

Zscaler

C, PowerShell, Python, Java, JavaScript

Wireshark

SIEM (AlienVault, FortiSIEM, Splunk)

Certification

  • CompTIA Security+
  • Amazon Web Services Security Specialty
  • GIAC Exploit Researcher and Advanced Penetration Tester (GXPN)
  • GIAC Reverse Engineering Malware (GREM)
  • GIAC Web Application Penetration Tester (GWAPT)
